Microsoft Defender for Endpoint Reviews

Microsoft Defender for Endpoint is used for protection against threats.

The reporting in Microsoft Defender for Endpoint should improve. The solution has limited features.

I have been using Microsoft Defender for Endpoint for approximately three years.

Microsoft Defender for Endpoint is stable.

The scalability is good.

My team did the implementation of the solution.

This solution is part of an enterprise license we have.

There are a lot of other products on the market that have better features.

If you have a mid-sized organization, the solution works well. However, in a large size organization, there are challenges.

I rate Microsoft Defender for Endpoint a seven out of ten.

My primary use case is as an end-user solution. It helps protect the computer against viruses and malware. It has a firewall option and offers basic protection for an end-user and a home user. If you are a home user, it's a very good solution for you.

The most valuable feature is that it is easy to use; the solution is already there when you load Windows. It's effective against most types of infection, and the firewall is perfect for protection.

One area where the product could be improved is that I don't think it can be used all by itself, if you are working with a business. If you are using the laptop as a business, you need to add an extra protection with this solution.

The solution could be more friendly for end-users, with different type of scans or scheduled scans for it. The antivirus database update could be a cloud protection instead of waiting for the database to be updated every now and then.

I have been using the solution since it launched, around 2014.

The solution is stable and working fine for me. I haven't faced any problem with it.

The solution is scalable.

I haven't had a crash or problem with Microsoft Defender, so I haven't needed to contact the support.

The solution is a Windows feature, so it's already there when I launch the operating system.

The solution is free with Windows.

I would rate the solution a seven out of ten. As it's a free solution, it doesn't have a lot of features like paid versions. If you are a home user or don't have a paid version of any other antivirus, Defender will be fine for you.

Microsoft Defender for Endpoint is useful for the protection of your business information and threat prevention.

The deployment of Microsoft Defender for Endpoint on Windows 10 is not quite so straightforward. This could be made easier.

I have been using Microsoft Defender for Endpoint for four years. 

I am satisfied with the stability of Microsoft Defender for Endpoint. 

Microsoft Defender for Endpoint is scalable. Currently, we have 600,000 users in our organization.

I have never contacted the technical support. 

The company pays for the license so I do not know much about that. 

I would recommend Microsoft Defender for Endpoint.

Our primary use case of this solution is endpoint protection. In general, we use it to protect our devices, rather than using third-party software. 

This solution is deployed on-prem. 

The most valuable feature is that it comes with the package, so there is no additional installation of third-party software. It's also easy to use. 

Microsoft Defender could be improved with features more like the McAfee ePO. It would be better if I had a console to get all the information for my endpoints. Maybe this is too much for it, but it would be better if it could handle those non-signature-based malicious codes or viruses. In the future, more and more non-signature-based activities or viruses will appear, which you can see in the market with software like CrowdStrike or other products that target non-signature-based attacks. 

There are two groups: one is signature, which means that people know it, and the other is non-signature, which means that these are abnormal activities unknown to people. If Defender could also handle those non-signature-based attacks or abnormal activities, it would be better. 

I have been using Microsoft Defender for one or two years. 

This solution is quite stable. In our opinion, it's similar to those signature-based antivirus software, and almost at the same level. 

There are about five or six users of Microsoft Defender in my organization, because we are not very big. Other people and other teams like to have different end device software. 

We have a support contract with Microsoft, so we have a ticket system where we can pass questions to them. These things are handled by the help desk people, though, not me. 

It's not difficult to install Microsoft Defender. I don't remember how much time it took, but the process is easy. 

We pay a yearly license for Microsoft Defender. We also have a support contract with them. 

I wish that Microsoft Defender had a feature like McAfee's ePO, where I could have a console to get all the information for my endpoints. I also evaluated CrowdStrike because it can target non-signature-based attacks.  

I rate Microsoft Defender an eight out of ten. I would recommend it to others, but it depends on whether they have their own policy for deploying antivirus products. It's good for some users who have some preferences—who need to follow their security policy or who have some budgeting issues. 

We primarily use the solution for cloud security. It was used for threat detection and endpoint to endpoint.

The product can be used for organizations that use Microsoft as their primary security defender and need zero-day threat protection. It's good for companies that want to make sure there are no threats or attacks on their information.

It's one of the best antiviruses on the market.

The solution could be even more secure and provide an even higher level of security.

I've been using the solution for more than two months at this point.

We have a team of up to four or five people that use the solution.

I've never contacted technical support or worked with them on any issues. 

The installation is very straightforward and the deployment is quick as well. 

While I recall the deployment not taking too much time, I don't remember the exact amount, as it was already installed by my team here. It was likely less than ten minutes.

You only need roughly four people, at a maximum, to install the solution. You need one good manager and four or five engineers.

I can handle the installation process myself. 

In order to use the solution, a base subscription is required.

We are always using the latest version of the solution.

I'd rate the solution at an eight out of ten.

I would recommend the solution to other users and organizations.

Microsoft Defender for Endpoint is integrated into Microsoft Windows and is used for system protection.

Microsoft Defender for Endpoint has been secure and there is zero maintenance required because it updates with Microsoft Windows.

The solution can be more user-friendly.

I have been using Microsoft Defender for Endpoint for a few years.

Microsoft Defender for Endpoint is stable.

The solution is scalable.

We have 30 users using the solution in my organization.

The solution has no installation as it comes with Microsoft Windows.

I do not have to purchase antivirus solutions anymore because Microsoft Defender for Endpoint is integrated into Windows and comes free.

I would recommend this solution to others.

I rate Microsoft Defender for Endpoint a ten out of ten.

The solution is used to protect the endpoint. Also, there's an antivirus and then advanced threat protection. It's also detecting threats and sending that to the cloud and correlating that without the events from other parts of the EMS suites. That's primarily what we are using it for. It is also capable of doing some attack surface reduction that you can configure on the endpoint. It's basic protection plus surveillance. It's also an EDR, however, we are not using that.

It's always very difficult to measure, however, it integrates very well with the other Microsoft products. It's easy to handle them. That's an important point when you want to achieve a higher security level that it's easy to manage. You can be sure that it's up to date and it's managed and the alarms are taking care of and so on. It's not only the technical capabilities, that are important. How it plays together with the rest of your products is also key.

It's not really visible for the user - which is a benefit. 

We know it's pretty good in terms of detecting threats against our platform and attacks. We have seen that.

There's privileged escalation or lateral movements for attacks.

The solution is stable.

The scalability is good.

The dashboards could be better. There's a suite of different products that play together and enhance security and receive signals from different parts of the product suites. When you are trying to look into that sort of depth on a dashboard, or across various dashboards, it can be difficult to obtain a comprehensive overview as it's so divided.

The initial setup can be a bit complex. 

Beyond that, I'm not involved in the day-to-day operation. There may be others that can offer more insights.

We started using it when we started to migrate to Windows 10 and that was likely four years ago. However, that was the Microsoft basic version. Recently, we also enabled the ATP path.

It's my understanding that the solution is very stable. It's a pretty mature solution.

In terms of scalability, we have not encountered any issues. We have around 7,000 end points.

We don't have too many physical people dealing with the solution. We have some people in operations and then some architects and so on, however, they are not involved on a day-to-day basis.

The initial setup is somewhat complex, however, that's not only due to the product. It's also the environment that it is going to be implemented into. Also, when you have a company with a lot of legacy products and all the setups and so on there may be difficulties in terms of getting everything to work together.

The deployment can take up to a couple of months, however, it's dependant on the environment that it needs to be implemented into. For instance, if other kinds of agents are writing on the computer, you need to make sure that it is not consuming too much CPU capacity and so on. If you have a good system, it would be very quick to install.

We have a deployment plan and we have taken advice from Microsoft Learning from their onboarding Planning information. There isn't anything that is very special, as, when you roll out new software on an endpoint, you must make sure that it's not disturbing the day-to-day operation. You start with a small group of test users and then do it in bigger and bigger waves and always be ready to go back. It's good to have that preparedness so that you can roll back and you can investigate what's gone wrong and so on, however that's not special to a different endpoint. That's a normal deployment strategy.

It has been possible to reduce the use of other agents. Beyond that, we have not made any financial calculations in relation to ROI. We have been using McAfee, for example, among others, and it's been possible to scale down. Microsoft is more integrated, more comprehensive, and Defender is part of the Microsoft operating system.

We are customers and end-users.

This Microsoft security platform is very much a SAS platform. It's playing together with all the other security products from Microsoft and the company is using the Azure platform to collect the information and to work on the main refine security findings. It's working very well together with the Microsoft Cloud solution for security.

It's my understanding that they call it the security graph. It's quite important that they are communicating together. Windows Defender, ATP is delivering a lot of telemetry to that form and correlating it with telemetries.

The reason why we have implemented DHCP part is due to the fact that we bought a Microsoft E5 license with a lot of security enhancements.

I've only seen it in the implementation and design phase, however, it's pretty good. That said, it's also within the environment of a large company where the processes can be a bit difficult.

I'd advise users to integrate it into their security operations center so that they can have the full benefit of the product.

I'd rate the solution at an eight out of ten.

We use this solution to protect and blocks any threats. We use it for protection.

This solution is not secure, which is why I have moved to Linux.

Microsoft Defender for Endpoint could be more secure.

I have been using Microsoft Defender for Endpoint for two years.

I have not yet used technical support.

It comes preinstalled with the OS. There is no need for any deployment. There is no installation or any other steps needed.

The installation of the host OS was easy.

I installed the OS myself.

There is no licensing fee. It comes included with the Windows license.

I don't recommend this solution.

I would rate Microsoft Defender for Endpoint a five out of ten.